The purpose of this alert is to inform rmsource clients of current or imminent security concerns so that proper precautions may be taken.
The Federal Trade Commission and Internal Revenue Service have both issued alerts for new methods and techniques on traditional tech-support scam attacks.
IRS reports that threat actors are taking advantage of the post-tax filing season with scams linked to the Electronic Federal Tax Payment System and Private Debt Collection agencies, while the FTC reports threat actors impersonating organizations recently halted by the FTC, claiming to be issuing reimbursements to victims.
Security Bulletins:
IRS Cautions Taxpayers to Watch for Summertime Scams
https://www.irs.gov/uac/newsroom/irs-cautions-taxpayers-to-watch-for-summertime-scams
FTC – Scammers Don’t Really Give Refunds
https://www.consumer.ftc.gov/blog/scammers-dont-really-give-refunds
rmsource Recommendations:
The best defense against Social Engineering attacks is user education. rmsource recommends distributing the links listed in this InfoSec alert as a reminder to the current threats and tactics being used. In addition, the United States Computer Emergency Readiness Team provides security tips on recognizing and avoiding Social Engineering and Phishing Attacks in the following link:
https://www.us-cert.gov/ncas/tips/ST04-014